ATTACHMENT REPORT (2019-20120)

Name: KASHAKA VINCEN

REG Number: R166791S

Company: DELOITTE & TOUCHE (Zimbabwe)

Programme: Business Studies and Computing Science

Supervisor: MUZENDA SYLVESTER

An industrial attachment report submitted in Partial fulfillment of the

requirements of the University of Zimbabwe’s HBSCT Degree.

THIS REPORT WAS SUBMITTED TO:

 THE UNIVERSITY OF ZIMBABWE

FACULTY OF COMMERCE

BUSINESS STUDIES DEPARTMENT

HARARE, ZIMBABWE

THIS 10th DAY OF MAY 2020

IN PARTIAL FULLFILMENT OF THE REQUIREMENTS OF THE HONORS IN

BUSINESS STUDIES AND COMPUTING SCIENCE DEGREE

STATEMENT OF APPROVAL

TO BE COMPLETED BY THE STUDENT

I, Kashaka Vincent do hereby declare that this report is the result of own investigation and
research, to the extent indicated in the Acknowledgements and References and by acknowledged
sources in the body of the report, and that it has not been submitted in part or full for any other
degree to any University or College.

Signed………………………………………….on this …………….day of....……20…..

TO BE COMPLETED BY THE INDUSTRIAL ATTACHEMENT SUPERVISOR

I…………………………………….do hereby declare that this report is suitable for submission

to the University of Zimbabwe Faculty of Commerce.

Signed………………………………………on this……………….day of…………..20……..

OFFICIAL ORGANIZATIONAL STAMP

ii
PREFACE

This report is a documentation of the activities of my work-related programme at Deloitte

Zimbabwe from September 2019 to August 2020. It is a comprehensive and detailed analysis of

my practical experience duration my attachment in the Risk Advisory, Cyber & Technology Risk

department. It also seeks to highlight the skills the write developed or gained and how they relate

to the theoretical knowledge acquired in the two academic years at the University of Zimbabwe.

It reflects how the writer applied theoretical knowledge in the execution of tasks, which is one of

the main reasons these attachment programs are in place. It also seeks to shed light on challenges

that the writer faced during the attachment period, and how he conjured up solutions to solve

those challenges.

Deloitte and Touché commends hard work and discipline, an inclusive culture that transformed

my view of and attitude towards work. This report will thus track the evolution and progress

made by the intern from the first day at Deloitte up to the time when this report was compiled.

Making an IMPACT that matters

i|Page
DEDICATIONS

This report is dedicated to all of the auditors I have had the pleasure of working with over the

last 10 months as an attaché. Each of you in your own unique way is a part of the insight and

guidance this report will provide to those who choose to join Deloitte from a confident,

disciplined, and consistent state of mind.

Making an IMPACT that matters

i|Page
ACKNOWLEDGEMENTS

This report was not without its own challenges and hiccups and as such, the writer wishes to
recognize the following among other stakeholders who contributed immensely to my success
both during and before the internship program.

 Deloitte partnership and management for granting the writer the opportunity to gain
experience in IT audit under the Risk Advisory department in the pursuit of his career
objectives. The writer truly acquired the most out of his time at the company and
acquired extensive knowledge as far as Information Technology Audit is concerned.

 Deloitte Risk and Advisory team for their support during time of attachment, they made
me feel appreciated.

 A special mention also goes to the writer’s supervisor Dr. XXX for the assessment and all
lecturers at the University of Zimbabwe for the knowledge they availed to the writer,
which he was able to apply during the work-related learning period.

 Much appreciation goes to friends and colleagues from whom the writer would get
encouragement, support as well as career development; Ropafadzo Maseko, Tendai
Chikandiwa and Yusuf Mohammed.

 My life and work coach Chido Luthili, for giving me all the life lessons and helping out
with audit to appreciate the concepts behind.

 The Almighty God for the gift of life and purpose.

Making an IMPACT that matters

i|Page
TABLE OF CONTENTS

PREFACE....................................................................................................................................................i
DEDICATIONS...........................................................................................................................................i
ACKNOWLEDGEMENTS..........................................................................................................................i
TABLE OF CONTENTS............................................................................................................................ii
ABBREVIATIONS......................................................................................................................................i
EXECUTIVE SUMMARY.........................................................................................................................ii
CHAPTER 1: INTRODUCTION................................................................................................................1
CHAPTER 2: DELOITTE AND TOUCHE................................................................................................1
2.0 Introduction.......................................................................................................................................1
Our Deloitte footprint...............................................................................................................................1
Deloitte Africa............................................................................................................................................1
Deloitte Southern Africa...........................................................................................................................1
2.1 Deloitte Zimbabwe............................................................................................................................2
2.2 Corporate Culture..............................................................................................................................1
2.2 Deloitte Logo.....................................................................................................................................1
2.3 Departmental Structure......................................................................................................................1
2.3 SUPPORT SERVICES OFFERED...................................................................................................2
2.4 THE PEOPLE & PURPOSE.............................................................................................................3
2.5 Conclusion.........................................................................................................................................1
CHAPTER 3: CLOSER LOOK AT DELOITTE ZIMBABWE..................................................................1
3.0 Introduction.......................................................................................................................................1
3.1 AUDIT AND ASSURANCE.............................................................................................................1
3.2 TAX SERVICES:..............................................................................................................................1
3.3 RISK ADVISORY............................................................................................................................1

Making an IMPACT that matters

ii | P a g e
 Cyber Technology Risk.......................................................................................................................1
Data Analytics.....................................................................................................................................2
Internal Audit......................................................................................................................................2
Forensic Audit.....................................................................................................................................2
Tip-offs Anonymous............................................................................................................................3
3.5 CONSULTANCY.............................................................................................................................3
3.6 Conclusion.........................................................................................................................................3
CHAPTER 4: THE ZIMBABWEAN ECONOMY: THREATS AND OPPORTUNITIES (An in-depth
study)...........................................................................................................................................................4
4.0 Introduction.................................................................................................................................4
4.1 Background of study....................................................................................................................4
The Zimbabwean Economic Situation: A critical Analysis.................................................................4
4.2 Implications on the Audit Industry..............................................................................................5
4.3 Recommendations........................................................................................................................6
4.3.1 Corporate Governance and Ethics............................................................................................6
4.3.2 Exceptional Client Service...................................................................................................6
4.4 Conclusion...................................................................................................................................6
CHAPTER 5: ANALYSIS OF AN ELECTED ASPECT OF THE FIRM..................................................1
5.0 Introduction.......................................................................................................................................1
5.1 Staff Training & Development..........................................................................................................1
5.2 On the Job Training...........................................................................................................................1
5.3 Induction Training.............................................................................................................................2
5.4 SHARPS (Self Help Review Programs)............................................................................................2
5.5 Staff Secondment...............................................................................................................................2
5.6 Conclusion.........................................................................................................................................3
CHAPTER 6: WORK PERFORMED AND EXPERIENCE GAINED.......................................................4
6.0 Introduction.......................................................................................................................................4
6.1 Deloitte Documentation.....................................................................................................................4
6.2 Working in an Audit Work paper......................................................................................................4
6.3 AUDIT SECTIONS WORKED ON..................................................................................................5
6.3.1 CYBER TECHNOLOGY & RISK ASSESSMENT (CTRA).....................................................5
6.3.2 General IT Controls. (GITCs).....................................................................................................7

Making an IMPACT that matters

iii | P a g e
 6.3.3 IPE testing..................................................................................................................................8
6.3.4 Automated Controls Testing.......................................................................................................9
6.3.5 Reporting....................................................................................................................................9
6.4 Trainee Experience......................................................................................................................9
6.5 Benefits of Industrial Attachment to the writer................................................................................10
6.6 Challenges faced during attachment..........................................................................................11
6.7 Conclusion.................................................................................................................................11
CHAPTER 7: RELEVANCE OF THEORY TO WORK PRACTICE......................................................11
7.0 Introduction.....................................................................................................................................11
7.1 Communication Skills for Business.................................................................................................12
7.2 Business administration...................................................................................................................12
7.3 Database Concepts...........................................................................................................................12
7.4 Conclusion.......................................................................................................................................13
CHAPTER 8: RECOMMENDATIONS....................................................................................................13
8.0 Introduction.....................................................................................................................................13
8.1 Recommendations to Deloitte..........................................................................................................13
8.2 Recommendations to the University of Zimbabwe..........................................................................13
CHAPTER 9: CONCLUSION..................................................................................................................14
BBLIOGRAPHY.......................................................................................................................................15

Making an IMPACT that matters

iv | P a g e
ABBREVIATIONS

ACTT Automated Controls Testing Tool

CTR Cyber and Technology Risk

ACL Audit Command Language

GITCs General IT Controls

UZ University Of Zimbabwe

CIC Consultant in Charge

JETs Journal Entry Tests

SQL Standard Query Language

ZSE Zimbabwe Stock Exchange

Making an IMPACT that matters

v|Page
EXECUTIVE SUMMARY.

This is a report on industrial and professional experience gained by the student at Deloitte
Zimbabwe. The report aims to summarize the student’s experience and to evaluate the University
of Zimbabwe’s industrial attachment program in line with the process of nurturing future
industry leaders, particularly in relation to the student’s engagement at Deloitte Zimbabwe as
well as analysis of the services offered by the organization. The result being information the
writer can pass on to Deloitte Zimbabwe and the University of Zimbabwe through this report.

Concisely, the primary purpose of the Industrial attachment program is, bridging the gap
between theory and practice.

The writer was fortunate to have applied theoretical knowledge in the audit environment, gaining
valuable exposure into auditing, and the challenges facing Zimbabwean companies in the current
macroeconomic and IT environment.

The report commences by outlining the environment in which the Industrial Attachment was
undertaken, that is, the historical developments of the organization, the present and anticipated
heights. The report progresses to give a generous amount of details on the organization’s culture,
structure, services and service trends, relationships with society, and the nature of developments
in the organization. Eventually, focus is shifted from the company to the experience gained by
the writer during the attachment. An overall assessment of the importance of industrial
attachment program as well as recommendations to Deloitte and the University of Zimbabwe are
included in this report.

This report, written in partial fulfillment of the requirements of the Honors in Business Studies
and Computing Science, is an attempt by the writer to capture the experience obtained during
this period, and relate this experience to theoretical knowledge obtained during the first two
years of study at the University of Zimbabwe. The writer made use of various sources for
information, mainly through the practical work performed itself.

Making an IMPACT that matters

vi | P a g e
CHAPTER 1: INTRODUCTION.

The writer commenced work at Deloitte and Touché on 02 September 2019 and went through a brief induction
process by a member of the Deloitte HR personnel. The writer was introduced to all of the Deloitte team in the
different business units and the Managing partner of Deloitte Zimbabwe and other partners in charge of the
different service lines.

Part of the induction included introduction to Auditing for Internal Specialists Participating in Audit
Engagements, which covered general information regarding the auditing profession, as well as the role of the
Internal Specialists when participating in Audit Engagements. The write was provided with an understanding of
the Deloitte Global Structure and values, and expectations of Deloitte, which gave the writer a sense of
direction and purpose of being at Deloitte.

Indeed, it was a warm welcome and it made the writer feel at home. After the initial introduction, the writer
then joined the Risk Advisory, Cyber & Technology Risk department.

Making an IMPACT that matters 1|Page

CHAPTER 2: DELOITTE AND TOUCHE.

2.0 Introduction.

The firm has a rich history which stretches way back to 1845. History marks William Welch Deloitte (who was
only 27 years old by then) as being the sore founder of this international public accounting entity. His dream
was modified over the years, through numerous mergers and changes, the most notable one of them being the
one that took place in 1990 between Deloitte, Haskins and Sells with Touché and Ross, culminating into
Deloitte and Touché and the subsequent merger of Deloitte and Touché and a Japanese Firm Tohmatsu, Awoki
and Swanwa which gave rise to the present firm Deloitte and Touché Tohmatsu (DTT). The recent changes
occurred in 2004 when the firm adopted the use of ‘Deloitte’ with a green dot at the end as a brand name for the
firm. The adoption of this brand name has been necessitated by the need to differentiate itself from other firms
by formulating a unique trademark that could be associated with quality, honesty and integrity.

To date, Deloitte Touché and Tohmatsu (Deloitte) operates in more than 140 countries worldwide with 700
offices employing over a 165,000 people. The global firm is split into three regions, namely the Americas
(North and South America), the Asia Pacific (Far East, Australia, New Zealand) and Europe Africa (Middle
East, Europe, Africa). Deloitte Africa then sub divides into Southern Africa, Central Africa and East Africa.
Deloitte Zimbabwe falls into Central Africa region together with Zambia and Malawi.

Deloitte’s member firms serve over one-half of the world’s largest companies as well as large national
enterprises, public institutions and successful, fast growing global growth companies. Of the numerous clients
in Deloitte’s worldwide portfolio, some of the most prominent companies are Microsoft, General Motors,
General Electric, Boeing whilst in the region the firm services big names such as Anglo American Corporation,
Tyco International, Standard Bank Group, Sasol, Vodacom, Old Mutual and many other companies spanning
the entire spectrum of industry and commerce.

Making an IMPACT that matters 1|Page

 Deloitte footprint

We are where you are and

Tunisia where you want to be.
Morocco Deloitte is the largest private
Canary Islands professional services organisation
Algeria
Libya
Egypt
in the world with a global
workforce of over 244,400. We
operate in 150 countries with
Mauritania

Niger
worldwide revenues of US$36.8
Mali
Senegal Chad North Sudan
Eritrea
billion in the financial year 2016
Gambia Burkina Djibouti
(+9.5% revenue growth from 2015).
Guinea Bissau Guinea Benin
Ghana Nigeria Somalia
Ethiopia
Sierra Leone Togo
Deloitte Africa
Cameroon
Liberia
Equatorial Guinea
Deloitte Africa is a network of
Sao Tome & Principe
Congo Uganda
Kenya
integrated clusters collaborating to
Gabon Republic
Democratic Rwanda service 53 countries across our
Republic of the Burundi
Congo Tanzania
African continent. It is one of the
Anglophone Africa
oldest, largest and most highly
Southern Africa
Comoros regarded professional services firms
East Africa Angola

West Africa Zambia Malawi in Africa. In order to provide our

clients with the best possible
Zimbabwe
Namibia
service, Deloitte’s Africa practice
Madagascar
Botswana
Mozambique operates as an integrated network
Swaziland rather than a collection of
Lesotho
individual offices, featuring active
South Africa inter-office communication and
exchange of personnel to provide
seamless cross-border services to
our clients across the region.
Brian Mabiza
Managing Partner Deloitte Southern Africa
(Zimbabwe)

Deloitte Zimbabwe is part of the

Deloitte Southern Africa cluster
consisting of South Africa, Namibia,

Making an IMPACT that matters 2|Page

 Botswana, Malawi, Mozambique
and Zambia. It is serviced by 2
offices namely Harare and
Bulawayo. Our operating model
allows our businesses to work
effectively together and enables
sustained enhancement and
innovations to service capability and
cross-border delivery, along with
talent development and deployment.

2.1 Deloitte Zimbabwe.

The Zimbabwean practice commenced its operations in 1905 initially based in Bulawayo. More offices opened
as the years progressed as detailed on the table below:

OFFICE YEAR
Bulawayo
1905

Harare 1910

Mutare 1950 (Closed in 1996)

Making an IMPACT that matters 3|Page

 Gweru 1955 (Closed in 2003)

Kwekwe 1971(Closed in 2014)

After the closure of Kwekwe office in 2014, the firm now operates in Harare and Bulawayo only. With Harare
office being the bigger office with more than 200 audit professionals, including four (4) audit partners. Deloitte
Zimbabwe is part of the Deloitte global family and benefits through man-power development through staff
exchange programmes with member firms globally; technical support; research and development; and access to
a global pool of sector specific expertise when the need arises.
The Zimbabwean practice has grown from strength to strength in similar stride with the global firm through the
mergers of local associates of the global firm as well as through the growth in the client base they service. The
portfolio of listed and unlisted entities that receive professional services from Deloitte is impressive it cuts
across all industries ranging from financial institutions, manufacturing companies, construction companies,
Trust Funds and multi-dimensional conglomerates companies. It includes such companies as Delta Corporation,
Meikles Africa Private Limited, Old Mutual, Econet Wireless Zimbabwe, CIMAS, and many others.

FIRM’S CORE VALUES

Deloitte operates in an industry which is characterised by high levels of competition and composed of notable
high profile firms known as the “Big Four “. The “Big Four” comprise of PricewaterhouseCoopers, KPMG,
Ernest, and Young and Deloitte itself. The firm has to provide service unparalleled by any rival that clients can
distinguish the quality in the services offered by Deloitte from the service offered by other firms.

FIRM’S VALUES.

 integrity

 commitment to each other

Making an IMPACT that matters 4|Page

  teamwork

 diversity

 outstanding value to markets and clients

OUR VISION

To be the undisputed leader in professional services.

OUR PURPOSE

Making an IMPACT that matters

MISSION STATEMENT

‘‘To serve the public interest as one of the cornerstones of corporate governance by supplying world-class
assurance services. Insofar as this is compatible with local and international regulation and the best principles of
corporate governance, to supply world-class advisory professional services to our clients.”

Making an IMPACT that matters 5|Page

2.2 Corporate Culture.

Embedded in the strategic foundation is the Deloitte culture, which denotes the values and behaviors that

contribute to the firm’s unique and psychological environment. Deloitte is governed by a culture of respect and

inclusion. The firm thrives to maintain a culture of inclusiveness by making sure that the voices of its people are

heard and valued and by so doing it will be able to attract and retain the best people and providing better

solutions to clients. To enrich careers and deliver best results, Deloitte offers learning, experiences and

coaching. Employees are also engaged in countless ways, from selecting the right people to lead major changes.

This strong culture has enabled the firm to gain a unique competitive advantage over its competitors.

2.2 Deloitte Logo

Deloitte has a unique logo that clearly distinguishes it from its competitors. It comes with variations as

illustrated below.

The green dot, introduced in 2003 symbolizes opportunities to move ahead and communicates on how Deloitte
as a firm makes an impact that matters, leaving a mark on the planet.

2.3 Departmental Structure

Deloitte adopted Michael Porter’s value chain model in coming up with their departmental structure. Both
Primary activities and Support activities are easily identified on the firm’s departmental structure. Primary
activities are represented by Audit and assurance, Tip offs anonymous, Financial Advisory, Risk Advisory,
Taxation and Consultancy Departments. Whilst support services are represented by Administration, Group
Information Service and Human Resources Department.

Making an IMPACT that matters 1|Page

The diagram below illustrates the firm’s organisational structure:

DELOITTE
ZIMBABWE

Audit & Financial

Risk Advisory Taxation Consulting
Assurance Advisory

Africa
Human
Technology Administration
Resources
Services (ATS)

The writer noted that these departments play roles that are equally important in sustaining and achieving the
firm’s objectives. Absence of support services will result in the firm’s revenue going down by almost fifty
percent.

2.3 SUPPORT SERVICES OFFERED.

2.3.1 Human Resources

The Human Resources department initiates the path to revenue generation as they recruit the best staff that can
compete at the highest level. This department is also responsible for maintaining staff morale, motivating as
well as training them. The writer also noted that the firm is labour intensive and as such, staff is the most
important resource the firm has. Therefore, good results depend on them.

2.3.2 Africa Technology Services.

Making an IMPACT that matters 2|Page

Africa Technology Services changed its name from Group information Services on the 24 th of February 2020.
This is also another department that provides support services. Their main function is to provide the firm with
all IT related resources .The department aims to transform its journey by enhancing technologies so that they
can continue to support practitioners with a world class experience. In modern day business, it is very difficult
to work without email. The department also maintains as well as repair laptops that are used by the staff. They
are also accountable for maintaining devices such as printers. It should not be argued that the Africa
Technology Services department plays a pivotal role in making the firm achieve its objects considering the rate
at which technology is advancing.

2.3.3 Administration.

This department provides IT support services at Deloitte. The department is responsible for making all the
logistics at the firm. They make sure that every resource is at the right place at the right time. Some of the
arrangements they make include taking staff to and from clients, making sure that the firms premises are in
order, making sure that clients are being services as intended, to name but just a few.

The primary activities of the firm are explained in detail in chapter three.

2.4 THE PEOPLE & PURPOSE

Engagement
Partner
Deloitte has a dedicated team of professionals, led by seven
partners who themselves have a lot of experience in audit and
Engagement industry and commerce. The partners lead every engagement, as
Manager the firm prides itself on providing a “partner led service”, to
ensure that clients get the most value for their fee. Training and
knowledge development is emphasized at every level of the
Consultant organization, be it the leadership itself, the senior managers, audit
In Charge seniors or interns joining the firm on a work related learning
program.

Consultants The writer chose the Risk

Advisory department to

Making an IMPACT that matters 3|Page

 demonstrate how a typical department looks like at Deloitte. This is the
second revenue-generating department of the firm after the audit and
assurance department. It provides advisory services to the firm’s
diversified client base. The department has a dual hierarchy (which is
more or like the same), i.e. general hierarchy and audit engagement team
hierarchy.

Making an IMPACT that matters 4|Page

ENGAGEMENT PARTNER:

An engagement partner is a part owner of the firm. He ensures that the financial statement audits are in line with
the ISAs and the firm’s policy (as determined in the Deloitte Audit Approach Manual (DAAM). The following
are some of the responsibilities of the Engagement partner.
 The lead engagement partner, in consultation with the EQAR partner is responsible for ensuring that the
engagement team has appropriate skills, knowledge and experience to carry out the engagement in hand.
 Ensuring that an audit engagement is adequately planned and supervised.
 Ensuring that the engagement team has appropriate skills, knowledge and experience to carry out the
engagement in hand.
 Ensuring that the appropriate audit and client service plans and referral instructions are prepared and
communicated to the professionals assigned to the audit engagement.
 Consulting individuals/experts with the appropriate knowledge, competence, objectivity, authority, and
judgment when necessary.
 Performing a quality assurance review for each audit (to ensure that work has been sufficiently
performed and documented).

RISK ADVISORY MANAGER:

This individual is the second in command after the Partner and is in short, the intermediary between the Partner
and the engagement team. The duties of a manager include:

 Planning teams on engagements

 Participating in the planning and overall management of an audit engagement.
 Reviewing work done by the Consultant In Charge (CIC) and his/her team and discussing the
progress of an audit with the engagement team and ensuring that the Engagement Partner is kept
informed of the progress of the audit.
 Discussing with the engagement partner significant matters arising, concerning the progress of an
audit engagement.
 Discussing with the client issues affecting the audit that needs management attention.
Making an IMPACT that matters 1|Page
CONSULTANT IN CHARGE (CIC)

In most circumstances, this individual will be the most senior person after the Manager on the audit
engagement. The CIC oversees the day-to-day activities performed by the consultants during an audit. The
CIC’s responsibilities comprise:

 Meeting with the audit team to discuss the scope of work to be done at client.
 Requisitioning staff for an audit and assigning those sections (relative to their capabilities) on which
they will perform audit work on.
 Supervising the preparation of work-papers and being the primary reviewer of all work-papers
prepared by the audit team.
 Discussing with the client’s management about issues affecting the audit and the gathering of audit
evidence.
 To provide the Engagement Partner and Audit Manager with feedback as to the progress of an audit,
matters needing their attention as well as justifications for budget overruns etc.
 Preparation of draft reports for review by the Manager and/or Engagement Partner.

CONSULTANTS

These are the individuals to perform most of the field work at client and documenting work papers.
The responsibilities of the consultants comprise of:
 Documenting work papers and ensuring that they are complete prior to submitting them for review.
 Clearing review notes that would have been raised by either the CIC, manager or partner.

2.5 Conclusion.

Deloitte is one big company that has come a long way and is unique from other audit firms with a motive to
make an impact that matters.

Making an IMPACT that matters 1|Page

CHAPTER 3: CLOSER LOOK AT DELOITTE ZIMBABWE

3.0 Introduction.

Deloitte is a multi-disciplinary practice, it is a firm that provides more than just the audit assurance services -
which forms its core business - but has other service lines that complement the assurance service. Deloitte
provides a range of services to its clients, anchored on sound financial strategies and compliance with
regulatory frameworks. Deloitte offers to the market, auditing (both internal and external), Consultancy,
taxation, Risk Advisory, Financial Advisory and tip-offs anonymous.
The service lines that the firm offers inclusive of audit are illustrated diagrammatically as shown below.

SERVICES
OFFERED

Audit & Risk Financial

Taxation Consulting
Assurance Advisory Advisory

3.1 AUDIT AND ASSURANCE

This is the firm’s flagship service, constituting the bulk of its client listing. An assurance engagement is one in
which a practitioner expresses an opinion designed to enhance the confidence of users, other than the
responsible party, about the outcome of an evaluation on subject matter against a set criteria. At the center of
this area is the external audit function. External audit seeks to provide an independent opinion on whether the
financial statements are fairly stated, and presented in accordance with an applicable financial reporting
framework. The firm also places emphasis on value addition in terms of each engagement, to this effect, all
team members must collaborate to produce work that meets and exceeds client expectations. Other assurance
engagements undertaken by Deloitte include financial statements review.

Making an IMPACT that matters 1|Page

In order for Deloitte to deliver quality audits, it incorporates the following imperatives in its work.

DELOITTE AUDIT IMPERATIVES.

 Exercise professional skepticism- documentation must reflect acting as an independent evaluator with an
attitude of professional skepticism and questioning mind-set.

 Become experts in internal controls- demonstrate expertise in understanding relevant controls, including
understanding process flows that support a control reliance strategy and the identification of valuable
control related insights at your clients.

 Manage project plans to optimize engagements- develop and execute a robust plan to optimize the
planning, performance and completion of the audit.

 Integrate engagements teams- own the work performed by internal experts and specialists and involve
them appropriately in planning and concluding.

 Manage referred work- supervise and review the work of component auditors, leveraging effective
communications throughout the process to deliver a high quality group audit.

 Drive development and continuous improvements- improve expertise in audit skills through on the job
coaching and leveraging available content and tools.

 Become experts in risk assessments and audit responses- obtain a deeper understating of your client’s
business, technologies used and their environment and improve application of risk assessment
procedures.

 Embrace professional excellence- take pride in delivering quality individually and together.

Making an IMPACT that matters 2|Page

3.2 TAX SERVICES:

Against the backdrop of increasing monitoring from the tax authorities in light the government’s drive to
substantially increase tax revenue and curb all leakages, the tax department at Deloitte has an important
mandate to help clients navigate the murky tax environment. The tax unit at Deloitte devises strategies aimed at
reducing clients’ tax expense and tax avoidance measures.

More importantly, it shield clients against the risks of non-compliance with the country’s tax policies, which
may ultimately lead to punitive penalties, and in extreme circumstances, prosecution.

3.3 RISK ADVISORY

This is the second largest department at the firm in terms of both revenue and number of staff employed. This is
one of the key audit support department at Deloitte. The following are some of the Risk Advisory services that
are delivered to clients globally, driving consistency, efficiency, and an impact in how the services are
marketed, sharing thought leadership, organizing networks and communities, building capabilities, and
reporting on financial results.

 Operational risk
 Fraud risk
 Cyber risk

The department has service lines within it that focus on the risks that is, Internal Audit, Forensic Audit, Cyber
Technology Risk and Data Analytics.

Cyber Technology Risk.

The writer was incorporated in this department. The core function of this department is to audit the clients’
financial systems and give an assurance that audit can rely on the systems that are providing the financial data
on the financial statements. The Cyber Technology and data analytics departments works hand in hand with the
Audit and Assurance department to break the barriers between the Information Technology and Financial
statements prepared by the client. For example, Audit and Assurance department due to the nature and
complexity of the work cannot audit interest revenue from a bank, consultants from these two (2) then chips in
with their expertise. The Cyber and technology risk department is also responsible for evaluating the
Making an IMPACT that matters 1|Page
effectiveness and efficiency of client’s system before the auditors put reliance on the latter. In other word, the
departments complement the work done by the Audit and Assurance department. However, the departments
also has its own clients where it offers these services without assisting the Audit and Assurance department.

Key deliverables under this service is the management report detailing findings noted.

Data Analytics

Data analytics also known as revenue assurance is the arm of IS audit that focus on testing the accuracy of
information systems in performing calculations. Recalculations on data are performed and the results compared
with reported figures to give assurance that there are no material variances. Data analytics is a form of a
substantive approach to audit as opposed to the controls reliance strategy in the form of ITGCs. Analytics work
takes the form of payroll audits, revenue computations and journal entry tests using data manipulation tools
such as Microsoft excel, Microsoft Access database, SQL database and ACL among other data manipulation
tools.

Internal Audit.

Internal controls offerings assists clients by performing an assessment of a client's internal controls relative to
strategic, compliance, operational and/or financial risks of their business environment. Assessment oriented
engagements are generally high level reviews of the current state to confirm control design effectiveness or
compare current state to leading practice (e.g., a gap analysis). Performing an assessment of a client's financial
reporting risks and controls. Help clients to identify and document financial reporting risks and controls and
evaluate the design effectiveness of internal controls over financial reporting across the enterprise.

Forensic Audit.

The Forensic audit department is responsible for investigating fraud by evaluating a firm’s financial
information. The steps can include planning, review and reporting. If the investigation was undertaken to
discover the presence of fraud, evidence is presented to uncover or disprove the fraud and determine the amount
of the damages suffered. The findings are presented to the client and possibly the court should the case go that
far.

Tip-offs Anonymous

Making an IMPACT that matters 2|Page

Deloitte Tip-offs Anonymous provides an anonymous reporting channel for unethical behaviour in the
workspace. After considering the level of poor corporate governance, harsh economic conditions that may lead
to fraud and misappropriation of assets, Deloitte came up with the best platform to put this to an end and save
Zimbabwe from going into the deep end. This platform is known as Tipp offs anonymous. . It is a service
unique to Deloitte. Tip-Offs Anonymous is an innovative solution to combat fraud within companies. It is a
means by which employees of audit and non-audit clients may use to report, without fear of being identified
anomalies, occurrence of fraud and any other misdemeanours that may be occurring in the clients work
environment. Tip-Offs collects this information over a period of time and then prepares a report to present to
the management of a client, in the hope that the client may look into the areas of concern and improve their
systems so as to reduce the risk of being prejudiced by unscrupulous employees.

3.5 CONSULTANCY

The department specialises in providing clients with advisory services such as corporate finance and company
registration. They also background checks for companies that are on the verge of merging or one taking over of
another. They ensure that the entity has availed all its assets and liabilities and whether they are correctly valued
before the acquisition takes place. Their services are of more value to clients that lack financial literate
personnel such as medical institutions and law firms.

3.6 Conclusion.

This chapter focused on the departments within Deloitte, which make up the primary activities within the
organisation and generate revenue.

Making an IMPACT that matters 3|Page

CHAPTER 4: THE ZIMBABWEAN ECONOMY: THREATS AND OPPORTUNITIES (An in-depth
study)

4.0 Introduction.

This chapter is an in-depth research into the challenges posed by the current economic situation to the audit
industry and business in general. It aims at providing awareness of the threats and opportunities in the operating
environment.

4.1 Background of study

The general operating environment has posed a number of threats to the operations of most organizations in the
country and the audit industry is no exception. Most companies have resorted to restructuring programs and a
number have retrenched sizeable numbers of their staff. The aim of this research is to provide insights to
Deloitte management on the techniques they can use such that they will succeed despite the current wave of
economic challenges.

In conducting this research, the writer made consultations with Deloitte management and made an analysis of
the economic challenges the firm is facing then came up with recommendations to management on how best
these can be addressed. Also addressed in the research are the dynamic nature of client expectations and the
perceptions of the general public with regards to audits.

The Zimbabwean Economic Situation: A critical Analysis.

The prevailing economic climate in the country has posed a number of challenges to business in almost every
sector of the economy from the manufacturing sector right through the service industry. Economic activity has
remained subdued with insignificant economic growth rates being recorded. The country’s manufacturing sector
has suffered from a number of challenges, which include power shortages, limited access to finance, high
production costs and ageing equipment.

The banking sector has also suffered from a number of challenges ranging from lack of confidence in the
banking sector by the members of the public, liquidity constraints and inability to meet minimum capital
requirements stipulated by the Central bank. Since 2009 the sector have witnessed collapse of 9 banking
institutions which include Royal Bank, Genesis Investment Bank, Allied Bank, Capital Bank and the recently
closed Afrisia. Although poor corporate governance can be cited as one of the major causes of collapse,

Making an IMPACT that matters 4|Page

economic constraints and incompatible government policies are major areas of concern. The remaining banks
are still facing a plethora of challenges which include high rates of non-performing loans, low long-term
deposits and a new threat posed by mobile banking. Commodity prices have continued on a downward trend for
players both in the mining and agricultural sectors of the economy.

4.2 Implications on the Audit Industry

The deepening economic crisis have impacted the professional service industry’s operations in more ways than
one, the recent trends in company closures have significantly reduced the client base for the firms. One of the
most obvious sources of audit work, publicly listed firms has been hard hit by a massive exodus of firms in
recent years. A number of firms have delisted from the bourse due to a number of factors ranging from liquidity
constraints to the desire to contain costs. Since one of the requirements of companies to be listed on ZSE is
audit, a decrease in the number of listed firms would result in a decrease in the number of clients that are
required to produce audited financial statements. Currently there are 64 firms that are listed on the ZSE and it is
important to note that these firms are shared by a number of service providers namely Deloitte& Touché,
PriceWaterHouseCoopers, KPMG, Grand Thornton, BDO Zimbabwe among other small firms like PKF, Baker
Tilly Gwatidzo, Mazhandu, Matamba& Company etc

It is also critical to note that most firms are struggling to contain costs thus they have embarked on rigorous cost
cutting measures and they are becoming very conscious in outsourcing services that do not add value to their
operations. This has contributed to the general fall in demand for audit, assurance and advisory services. The
general shift in economic activity from the formal to the informal sector is also a major concern, business in the
informal sector usually lacks standard procedures with no records of their income and expenses and thus no
proper accounting records kept and players in this sector in most cases fail to appreciate the value of services
offered by professional services firms.

The country has also been hard hit by a massive brain drain since the genesis of the 21 st century which saw mass
exodus of qualified personnel to the so called greener pastures. According ICAZ statistics, 55% of their
members are based outside the country, this obviously reflect a critical shortage of qualified accountants in the
country resulting in firms settling for less qualified personnel and also employing less than they would require.
This has negatively impacted financial reporting and auditing in general.

Making an IMPACT that matters 5|Page

It is also critical to note that the general public has misconceptions regarding the purpose of audit, that audit is
done to pick fraud yet it is not. Given the issues around corporate governance in a number of organizations
which were brought on the public domain by investigative journalism in the past years the general public have
since lost confidence in the auditing profession. The 2013-2014 salary gate scandal which left top executives of
PSMAS, Air Zimbabwe, City of Harare and the Broadcasting Authority of Zimbabwe exposed of the hefty
salaries they have been earning has left most of the Zimbabwean population who have little or appreciation on
the purpose of audits with doubts in the usefulness of audits. As a result some of the company executives have
become reluctant to pay for audit and related activities as they claim it does not add value to their operations
hence reduced demand in the services of professional services.

4.3 Recommendations

4.3.1 Corporate Governance and Ethics

More work has to be done in this area given the prevailing environment and the ethical and corporate
governance issues that have rocked the Zimbabwean business community. It is of critical importance that
Deloite as a good corporate citizen should try and address this particular area through educating corporates and
individuals on the importance of acting ethically, reporting unethical behaviors and the benefits to organizations
of rewarding ethical behaviors. This can be achieved by distributing handouts addressing ethical and corporate
governance issues to both clients and non-clients. It will also act as a value addition strategy to the normal audit
and advisory services.

4.3.2 Exceptional Client Service

Given the competition in the industry from various competitors in the audit industry it is imperative that
Deloitte try to add value to existing clients such that it both retains existing clients and attract new clients.
Exceptional client service should incorporate efforts to prioritize client concerns. By so doing Deloitte becomes
the most preferred firm in audit and advisory services. The firm should also endeavor to build lasting
relationships with clients by giving advice and services that ensure business continuity.

4.4 Conclusion

It is the duty of management to ensure that they devise survival strategies to make sure that their organizations
experience some economic breakthrough at the face of economic and pandemic challenges. It is also imperative
that organizations take advantage of technological advances in achieving business objectives. Business need to
Making an IMPACT that matters 6|Page
be proactive in the adoption of new technologies such as ZOOM in this rather than being reactive.
Organizational structures also need to be redesigned from the classical to more contemporary structures as this
helps in cost cutting.

Making an IMPACT that matters 7|Page

CHAPTER 5: ANALYSIS OF AN ELECTED ASPECT OF THE FIRM

5.0 Introduction.

Deloitte has a culture entrenched in training and continuous development. The firm commits itself to equipping
its staff with the requisite expertise and skills, be they technical or interpersonal.

To this end, the firm embarks on training programs from its routine “SHARPS” (Self Help Assessment Review
Programs) , to development through periodic performance reviews with the Manager bi-annually, and
ultimately, the firm’s partners. This chapter will look at the various training and development strategies
employed by Deloitte and Touché.

5.1 Staff Training & Development.

Training and development is a human resources management function focused on improving the Performance
of individuals and teams, as well as grooming individuals for roles they may possibly partake in the future.
Deloitte has a partner in charge of training, whose role includes devising methodologies to train staff in all
aspects of work.

Training can be viewed as an activity focused upon the work an individual or group currently perform.
Development however is a more holistic concept, encompassing training, career development, coaching and
organizational development among others.

5.2 On the Job Training.

Deloitte, due to the nature of its work mainly employs on the job training. This is training provided internally
through instructions and feedback provided in the workplace during the performance of one’s duties. This
training is very fruitful as it is directly relevant and addresses the specific challenges being faced by the staff, or
the skills shortage. The writer went through an effective on the job training program, starting with induction
sessions familiarizing the trainee with the audit and firm environment up until the performance of work during
client field work, under the guidance of audit seniors.

Making an IMPACT that matters 1|Page

5.3 Induction Training.

It is a process of introducing new employees to the firm, with the aim of integrating them into the organization
smoothly. This process also helps the new staff to come to terms with the firm’s culture, values and ethos. This
way, the new recruits get to know what is expected of them professionally and the policies they are expected to
comply with. The writer went through this process four months after joining since the firm inducts all new hires
in November each year, and this helped with behavioral matching, which is important if one is to blend into the
organization’s culture and work ethic.

5.4 SHARPS (Self Help Review Programs)

At the end of every engagement, each engagement team member completes a staff report, detailing the work
performed, challenges faced and their perceived strengths, among other issues. More importantly, the trainee
gets to score their performance, on a scale of 1 (trainee did not meet expectations), to 4 (consistently exceeded
expectations without assistance). The Manager would then review the staff report and score the trainee based on
the audit approach, technical abilities and achievement of turnaround targets.
The sub topics and sections in the staff appraisal report include:

 Which sections the trainee completed on the job

 What the trainee has perceived as strengths and weaknesses.
 What the assignment’s challenges were.
 Trainee, In Charge and Manager’s comments.

The Staff Performance Appraisal helps Deloitte management to identify training needs and the skills gap. The
trainers can hence focus on delivering relevant training strategies aimed at addressing the training needs
identified.

5.5 Staff Secondment.

Deloitte facilitates the secondment of staff to other member firms of Deloitte Global. This program is arranged
as a staff development initiative, meant to build an employee career growth prospects as well as expose Deloitte
staff to diverse industries or sectors. This would ultimately build the firm’s future capacity as well. The
secondment program is open to audit senior who meet the firm’s criteria upon application. If successful, the

Making an IMPACT that matters 2|Page

trainees would then be expected to contribute their newfound skills and expertise to serve the firm upon return.
Hence the secondment policy is vital for skills development.

5.6 Conclusion.

The above-mentioned programs show how Deloitte is committed to help their employees develop and achieve
their career objectives.

Making an IMPACT that matters 3|Page

CHAPTER 6: WORK PERFORMED AND EXPERIENCE GAINED.

6.0 Introduction

The trainee mainly worked in the RA department under CTR during the attachment period. A lot of experience
was obtained by auditing a range of clients across the Manufacturing, Telecommunication, Foundations, and
Retail sectors. The chapter discusses the work that the writer, hereafter referred to as the “trainee” performed,
particularly the audit sections worked on.

The resources and expertise available to the trainee throughout the attachment period meant that the trainee
develop professionally, to a point where she could ultimately work on a lot of the sections with minimum
supervision.

6.1 Deloitte Documentation.

Good documentation is one of the hallmarks of an effective auditor. At Deloitte, the emphasis is on producing
work so detailed that whomever reviews the work gets a good understanding of the circumstances leading to the
adoption of every audit conclusion reached. It follows that, “what is not documented was not done.” According
to ISA 230, audit documentation refers to “the record of audit procedures performed, relevant audit evidence
obtained and conclusions the auditor reached. This documentation is referred to as “working papers”.
Working Papers serve a lot of purposes, namely:
 Making the audit team to be accountable for its work.
 Retaining a record of matters of continuing importance to future/subsequent audits.
 Assisting in the planning of work for the similar clients
 Assisting the engagement supervisors to conduct their review responsibilities
 Enabling the conduct of external inspections (particularly by the PAAB) in accordance with legal
and regulatory requirements.

6.2 Working in an Audit Work paper.

An audit work paper should show a documentation of the objectives of the work paper, the planned audit
procedures (approach), the audit procedures actually performed and the results of the Auditor’s finding
(conclusion.) and at times may also reference the risk that is being addressed in that work paper.
Making an IMPACT that matters 4|Page
6.3 AUDIT SECTIONS WORKED ON.

During the course of the attachment period, the writer worked was afforded a chance to work manage own
clients by herself thereby enabling him to work on all sections that make up the IT environment of the clients.
The sections worked on are classified into CTRA, GITCs, Automated Controls, IPE testing as shown below:

6.3.1 CYBER TECHNOLOGY & RISK ASSESSMENT (CTRA).

These were the trainee’s favorite sections to IT audit. This is largely because the sections are quite engaging and
form the base on which company’s IT environment is based on. The risk assessment has the following sections,
which gives an understanding of a company’s IT environment.
1. IT Environment and organization
2. Application Systems
3. Interfaces, Service Organizations and Tools
4. IPE
5. Significant Events
6. Access Security
7. Cyber Security
8. Data Center and Network Operations
9. System Change control

 IT Environment and Organization.

This section of the CTRA gives an understanding of the IT personnel and their posts within the
organization. The IT Specialist gains an understanding of relevant interfaces between the entity’s
systems. Furthermore, this section gives an understanding of whether deficiencies in the prior year audit
have been resolved. On this section, the specialist gets to understand if the Data analytics is to be
involved in doing JETs for relevant business processes, which rely on the systems to be tested by the IT
specialist.
 Application Systems.
This section gives an understanding of all the systems, data warehouses and report writers that are in use
at the organization and their use.The Specialist also gets an understanding of the database structure and

Making an IMPACT that matters 5|Page

 windows server that are hosting the applications. It further helps in determining systems that are relevant
to the audit.
 Interfaces, Service Organizations and Tools.
On this section, the IT specialist gains a detailed understanding of the interfaces between the entity’s
systems. An understanding of how the entity determines the accuracy of completeness of data from one
system to another. In the case that there is an automated interface, the IT specialist test the accuracy of
the interface on a separate working paper. However, manual interfaces whereby manual reconciliations
of data from the different systems are done, finance auditors tests the interface.
This section also gives an understanding of the organizations that provide services to the entity related to
IT. This will help the specialist determine if the entity has service level agreement with the company
performing the services.
An understanding of the tools used to perform any General IT controls is also gained through
documenting this section.
 Information produced by the entity. (IPE)
Audit may request IT Specialist to test the accuracy and completeness of specific IPE. However, the IT
specialist has to gain an understanding of how the IPE is maintained, extracted from and if a report
writer is used to extract the information determine if there users with access to modify the report logic in
the report writer software. The IT specialist also needs to understand if the entity makes use of any data
warehouse or report writer for financial reporting.
 Significant Events.
The IT specialist on this section gains an understanding of significant changes related to IT that have
occurred since the last audit period. This section is important in helping determine if the changes may
have led to additional risks that arise from IT.
 Access Security.
This section helps the IT specialist to gain an understanding of the process of access authorization and
administration in the different application systems. This section also helps in understanding the
authentication parameters configured on the different relevant application systems. Additionally, access
review processes for the different systems is documented on this section.
 Cyber Security.
This section gives the specialist an understanding of the entity protects its network from external
networks that may attack the entity’s network and result in a cyber-breach. The section also entails
questions to determine if the entity has tools in place that monitor the network. Finally, this section also

Making an IMPACT that matters 6|Page

 helps in understanding the programs that are in place concerning security patch management, incident
response and training users in their role in cyber security.
 Data Center and Network Operations.
This section requires the It specialist to walkthrough the data center and determine if the servers where
the data sits are adequately protected in case of disasters or emergencies.
Also, the IT specialist gains an understanding of disaster recovery which is a critical aspect of business
continuity and one of the major components a sound discovery plan is back up of financial data, testing
its recovery and also maintaining an offsite storage of the backed up data.. Failure to backup financial
data can lead to data loss in case of disasters occurring which may affect business continuity.

This section is important in determining if the entity has a business continuity plan in case there is a
disaster in the data center or there is damage to backup media.
 System Change Control.
An IT specialist gains an understanding on how application, database,windows server changes are made.
Additionally, this section helps determine the process of system, database, software acquisition and
maintenance.

6.3.2 General IT Controls. (GITCs)

General IT controls are tested on the application, database, operating system and network layers of all the
systems that are identified relevant during the cyber and technology risk assessment. The control addresses
certain risks that are identified during the risk assessment. The IT specialist’s role is to address the risks
identified by testing the design, implementation and operating effectiveness of the control. In the case that the
control either fails at design or is designed properly but operating ineffectively, the specialist may need to
perform direct testing procedures to address the risks. When testing whether a control is operating effectively,
the control may have deficiencies that need to be documented and communicated to management. However, a
control may have a deficiency but still operating effectively.

Tests of design and implementation of controls

To test the design and implementation of controls; other audit procedures in combination with inquiries should
be performed. I enquired from management (and any knowledgeable client staff) and also corroborated the
management’s claims with any supporting documentation.

Making an IMPACT that matters 7|Page

For example, inquiries and observations may be made about the entity’s procedures for opening the mail and
processing cash receipts to test the operating effectiveness of controls over cash receipts. Because an
observation is pertinent only at the point in time at which it is made, it should ordinarily supplement the
observation with inquiries of entity personnel and the Auditor may also examine documentation supporting the
operation of such controls at other times during the audit period in order to obtain sufficient audit evidence.

An Automated control-testing tool (ACTT) is used to extract information on the operating system, database and
network layer. For some databases like the SQL, SQL queries are used to extract this information. The controls
are then tested using the results from ACTT.

The following risks are to be addressed on the database, application, operating system and network layers.
Depending on the knowledge gained on the application system gained through risk assessment, some controls
may not be tested.

1. Users have access privileges beyond those necessary to perform their assigned duties, which may
create improper segregation of duties.
2. Inappropriate changes are made directly to financial data through means other than application
transactions.
3. Systems are not adequately configured or updated to restrict system access to properly
authorized and appropriate users.
4. Inappropriate changes are made to application systems or programs that contain relevant
automated controls (i.e., configurable settings, automated algorithms, automated calculations,
and automated data extraction) and/or report logic
5. Production systems, programs, and/or jobs result in inaccurate, incomplete, or unauthorized
processing of data.
6. Data converted from legacy systems or previous versions introduces data errors if the conversion
transfers incomplete, redundant, obsolete, or inaccurate data.

6.3.3 IPE testing

When testing IPE, the specialist need to determine if the reports given to test are complete and accurate. As a
result, the specialist was asked to test for the debtors aging and inventory aging reports.

COMPLETENESS;
 Observe the extraction of the reports and take note of the report logic, source data and parameters
entered.
Making an IMPACT that matters 8|Page
  Compare the record count on the extracted report and with the record count before extraction.

ACCURACY;
Pick sample of one transaction and re-perform. If what is recomputed matches with what has been provided, the
IT Specialist then conclude that the whole report is accurate.

6.3.4 Automated Controls Testing.

Auditors identify controls that are performed automatically by the systems that need to be tested by the IT
specialists. When testing for these, where relevant, the specialist need to test for completeness and accuracy of
the reports. The specialists then picks one instance from the automated output. Where appropriate the specialist
may observe, inspect enquire or re-compute the output and match with what has been provided in the report.

6.3.5 Reporting
The trainee also got to report to management on audit findings. Initially, draft findings are sent to client for
comments and the trainee’s responsibility is to ensure that all the findings within the draft report have an impact
and are correctly rated from low risk to high risk. If the client has queries concerning the findings, these are
discussed in the exit meeting with the client. The report is then sent for manager and partner review.

Subsequently, if there are no queries, the report is sent for formatting, signed by the Risk Advisory Partner, and
filed in the EMS database.

6.4 Trainee Experience.

I worked on audit engagements in a number of economic sectors, which include health insurance,
telecommunications, manufacturing, mining, banking and retail.

General responsibilities

 Timely submission of weekly timesheets

 General security of organizational and clientele information assets in my custody
 Personnel upkeep and maintenance
 Time management
 Engagement feedback requests

Engagement responsibilities.

Making an IMPACT that matters 9|Page

  Planning for the audit engagement including understanding the client business and IT environment.
 General IT Controls review
 Automated Controls testing
 IPE testing
 Updating audit working papers
 Discussing audit findings with audit team
 Preparation of the audit report (reporting on audit findings and giving recommendations to
management)

I.T Infrastructure

During the engagements I worked on, I came across different I.T environments: operating systems, databases
and applications. The table below shows some of the I.T environments that I worked on.

Infrastructure Type
Oracle Database
SQL Server Database
Windows Server Operating System
Linux Operating System
Sage Line Enterprise Resource Planning
SAP Enterprise Resource Planning
Pastel Accounting application system
Sage X3 Enterprise Resource Planning
Paywell Payroll application system

6.5 Benefits of Industrial Attachment to the writer.

 Practical work experience gained – Knowledge was gained into IT auditing, from a practical
perspective. The writer got to work various sections for a diverse client base, this exposure horned
the writer’s technical skills as a lot of technical considerations were met and addressed through
consultation with seniors. This valuable experience will prove useful as the writer progresses upon
the chosen career path.

 Networking Opportunities – the writer worked with, and met various people in industry and
commerce, particularly upcoming entrepreneurs and accounting professionals. This also enhanced
the writer’s interpersonal skills as he met people from diverse cultures and races. Networking is

Making an IMPACT that matters 10 | P a g e

 crucial in creating synergies, obtaining industry information and sustaining mutually beneficial
relationships.

 Personal & Professional Development – the student experienced what it means to take responsibility
and be accountable for one’s work and the results thereof. More often, the trainee would work long
hours on numerous sections, to meet tight deadlines, never failing to turn up for work. The Industrial
attachment nurtured the writer’s technical & soft skills, collaboration capabilities and an analytical
mind-set.

6.6 Challenges faced during attachment.

 Constant encounter with different and complex I.T environments and business environments as I
moved from client to another.
 Working under pressure and within tight deadlines.
 Encounter with some clients that are difficult to manage.

6.7 Conclusion.

The chapter focused on the nature of IS audit, the duties performed by the student during the attachment period
and also the challenges that were encountered by the student.

CHAPTER 7: RELEVANCE OF THEORY TO WORK PRACTICE

7.0 Introduction.

This chapter aims to marry match theory to practice. The writer went through two years of studies on various
theoretical aspects of the IT and commerce field. This chapter gives the insights into how the courses learnt in
school were applicable to practical industry work. It then goes on to identify the gaps and deficiencies in the
university course curriculum and how these can be addressed to meet industry standards and employer
expectations.

There is a gap between theory and work practice. The industry is diverse and dynamic; theory work is now
lagging behind as companies have adopted some innovative systems to deal with the ever changing world and
the crunching economic environment. Nevertheless, a good foundation in theoretical concepts in academic work
helped shape the writer’s mental capabilities and ability to deal with change

In its long and short, theory and work practice are not mutually exclusive, but rather, complementary.
Making an IMPACT that matters 11 | P a g e
Theory lays a solid foundation for work related learning, whilst work practice provides a ground from which to
practice and test the applicability of theory. The writer will use this chapter to zoom in on particular courses
offered on the UZ HBSCT degree program and how they have proved relevant in the writer’s work.

7.1 Communication Skills for Business.

The topics covered during this course included: impression management, business communication media,
managing meetings and inter-cultural communication. During the course of the attachment period, the trainee
worked on a lot of clients across varied sections. Through this work, there was a lot of interaction with different
people, the writer’s interpersonal skills were enhanced as he tolerated all people and learnt from them. Various
business communication media were used in client communications and in liaising with team members. The
writer applied knowledge obtained on email etiquette, listening skills and general courtesy.

7.2 Business administration.

This is a broad module but the major aspects covered in the module encompasses Planning, Organising,
Leading, Controlling, Human Resource Management, Corporate Social Responsibility and Business Ethics,
Strategic Management and lastly Groups and Teams activities. The writer went through the recruitment and
selection processes learnt in management. With regard to planning, leading and controlling, the attaché could
only evaluate and analyse how what was learnt has been applied at but the actual aspect of implementation was
far beyond my scope. Deloitte is also involved in social responsibility programmes as every year and as such,
the firm holds an Impact Day. The Impact day is characterised by activities of corporate social responsibilities
such as visiting charity organisations like children’s home, picking up litter or tree planting. The other aspect of
management noted at Deloitte was its organisational culture, which was well documented, in a blue print named
“The Deloitte Way”. In this, there are aspects pertaining to how employees communicate, how they dress, how
to treat client staff and so on. All this is in agreement with management theories that explain how
organisational culture helps create identity at work and it improves organisational communication. Hence noted
with appreciation the importance and relevance of the knowledge acquired in the management course in the
business world.

7.3 Database Concepts.

Making an IMPACT that matters 12 | P a g e

This course mainly focuses on databases and the standard query language(SQL).Audit of databases maily
requires the skill to run queries from databases, therefore the student was able to extract information from
databases from what had been acquired from this module.

7.4 Conclusion.

The writer appreciated how the modules learnt during the first two(2) years as they helped in executing the job
responsibilities assigned at Deloitte.

CHAPTER 8: RECOMMENDATIONS

8.0 Introduction

This chapter focuses on the insights, advices, suggestions, and possible areas of improvement that were
observed and believed will help improve the quality of service both to the firm Deloitte and the University of
Zimbabwe. Firstly the student will look at the recommendations to the firm, Deloitte and lastly the
recommendations to the University of Zimbabwe.

8.1 Recommendations to Deloitte.

Design of an official “Attachment Program” document for attachment students – to effectively monitor the
progress, development and performance of attachment students. The writer recommends that Deloitte drafts a
comprehensive attachment program guideline. This document would be given to every trainee upon joining the
firm. It would specify the key roles and result areas for these trainees. It could also include areas where attaches
are expected to gain exposure, to this extent; the program can then be used as a guideline in assigning trainees
to clients and sections based on the training goals. This can help to track trainees’ exposure, ensuring a well-
rounded trainee with knowledge spanning abroad range of sections and clients is produced.

8.2 Recommendations to the University of Zimbabwe.

Introduction of the Data Analytics Module at Part 2 – Data is everywhere. In fact, the amount of digital data
that exists is growing at a rapid rate, doubling every two years, and changing the way we live, which makes it
extremely important to know at least the basics of the field. IT students should be familiar with the tools used to
analyze data e.g., ACL and make informed business decisions to enable the student to be competent on all
aspects of the required work.

Making an IMPACT that matters 13 | P a g e

CHAPTER 9: CONCLUSION

The internship period at Deloitte was indeed a remarkable experience for the writer. The writer got the

opportunity to grasp industrial skills from communications skills to professionalism through application of

theoretical knowledge learnt at the University of Zimbabwe. During attachment, the writer applied, shared and

leant new concepts through interacting with professionals.

It is only after finishing the Work-Related Learning program that one realizes how essential it is in the degree

program. The experience that the writer have gained at Deloitte Zimbabwe is a unique one that h doubt he could

have got anywhere else. The writer was afforded the chance to interact with influential people with influential

profiles and get an insight into how they think. All the team members were always available whenever the

writer needed help and this, with the different IT environments at different clients made it an almost perfect

learning experience. The writer got to work with a unique group of attaches whose skills complemented each

other and this helped in execute the majority of tasks assigned without the need to consult with our superiors.

Like any other organization, Deloitte had its challenges but it is important to note that it is from difficulty that

one’s true character is revealed. The write can definitely say that he is now more enlightened person who knows

what it is like to go to work every day to deliver and making an impact that matters.

Making an IMPACT that matters 14 | P a g e

BBLIOGRAPHY
https://wca.deloitteresources.com/about/pages/weca-history.aspx Accessed 23 April 2020

Deloitte Technical Library

Making an IMPACT that matters 15 | P a g e